Yahoo malvertising actors turn attention to AdSpirit

Security researchers at Malwarebytes who have been hot on the trail of the actors that pulled off a recent malvertising attack on Yahoo have observed a similar campaign launched by the same group against publishing network AdSpirit.de used by drudgereport.com, findagrave.com and others.

As in the Yahoo attack, the hackers redirected traffic to Microsoft Azure websites to spread the increasingly malware, the Malwarebytes security researcher Jerome Segura said in a Thursday blog post.

“Both URLs are using HTTPS encryption, making it harder to detect the malicious traffic at the network layer,” he wrote.

The Yahoo campaign ultimately led victims to the Angler Exploit Kit (EK). At the time, Malwarebytes noted the EK often leads to Bedep ad fraud and CryptoWallransomware. The company alerted AdSpirit to the latest campaign and while it received no immediate response, “the rogue advert was taken down,” according to the post.

UPDATE: Malwarebytes reported the malvertising campaign has moved to eBay and AOL.com, in the latter leveraging a new Azure domain.

Techscape is SC Media’s content marketing platform. Industry experts share their views in the following categories

Partner Content is sponsored content brought to you by a vendor

SC Media arms cybersecurity professionals with the in-depth, unbiased business and technical information they need to tackle the countless security challenges they face and establish risk management and compliance postures that underpin overall business strategies.